Abstract

Java applications have proliferated rapidly in recent years, and the security issue in the source code seems to bring a great threat which cannot be ignored. SQL injection and cross-site scripting vulnerabilities, path traversal, and so on are common Java security vulnerabilities. These vulnerabilities are usually caused by improper handling of user input and we call them input validation vulnerabilities [1].In this paper, we propose a Java source code analysis method based on the taint tracking. By means of vulnerability pattern match, we keep track of the introduction of tainted data and its propagation in different contexts, leading to comprehensive and accurate test results. Actually, we have applied this method to some of the open-source Java projects. Compared to other similar software, our technique presents good feasibility and superiority.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Eliminating SQL Injection and Cross Site Scripting Using Aspect Oriented Programming
Bojan Simic ... James Walden
-
Bojan Simic, et. al.Bojan Simic ... James Walden
01 Jan 2013
Static analysis approaches to detect SQL injection and cross site scripting vulnerabilities in web applications: A survey
Mukesh Kumar Gupta ... Girdhari Singh
-
Mukesh Kumar Gupta, et. al.Mukesh Kumar Gupta ... Girdhari Singh
01 May 2014
Runtime Input Validation for Java Web Applications using Static Bytecode Instrumentation
Sangwook Cho ... Gyoosik Kim
-
Sangwook Cho, et. al.Sangwook Cho ... Gyoosik Kim
11 Oct 2016
Preventing Input Validation Vulnerabilities in Web Applications through Automated Type Analysis
Theodoor Scholte ... Davide Balzarotti
-
Theodoor Scholte, et. al.Theodoor Scholte ... Davide Balzarotti
01 Jul 2012
View more papers

More From: Applied Mechanics and Materials

Paper Title
Journal
Date
Author
Investigation of Strength Concrete Materials Using Pozzolanic Additives
Andi Yusra ... Teuku Budi Aulia
Applied Mechanics and Materials | VOL. 922
Andi Yusra, et. al.Andi Yusra ... Teuku Budi Aulia
19 Aug 2024
Finite Element Analysis and Optimization of the Piezoelectric Circular Diaphragm Energy Harvester
Van Duong Le
Applied Mechanics and Materials | VOL. 922
Van Duong LeVan Duong Le
19 Aug 2024
Thermal Analysis of Micro-Channel Internal Cooling in Cutting Tools: A Machine Learning Approach
Aman Abid ... Shahid Hussain
Applied Mechanics and Materials | VOL. 922
Aman Abid, et. al.Aman Abid ... Shahid Hussain
19 Aug 2024
Optimization of Machining Process on Coated Tungsten Carbide Electrode Tool and Titanium Alloy Workpiece Using EDM: A Critical Review
Newton Kumar Singh ... Kalakonda Saidaiah
Applied Mechanics and Materials | VOL. 922
Newton Kumar Singh, et. al.Newton Kumar Singh ... Kalakonda Saidaiah
19 Aug 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.